Apple has released security updates to fix vulnerabilities in macOS Catalina 10.15.7, iCloud for Windows 11.4 and other products.
A hacker could exploit some of these vulnerabilities to take control of affected devices.
macOS security updates
Apple released macOS Catalina 10.15.7, Security Update 2020-005 High Sierra, and Security Update 2020-005 Mojave on September 24.
In total, 4 macOS vulnerabilities were fixed (with impacted Apple component):
- CVE-2020-9961: An out-of-bounds read was addressed with improved input validation (ImageIO)
- CVE-2020-9941: This issue was addressed with improved checks (Mail).
- CVE-2020-9973: An out-of-bounds read was addressed with improved bounds checking (Model I/O).
- CVE-2020-9968: A logic issue was addressed with improved restrictions (Sandbox).
iCloud for Windows
Apple also released iCloud for Windows 11.4 that fixes just one WebKit ‘input validation’ vulnerability CVE-2020-9952. This update is available for Windows 10 systems.
In addition, the company also released iCloud for Windows 7.21 for Windows 7 and later systems. This update also fixes the same WebKit vulnerability.
Other Apple updates
Finally, Apple published new updates for iOS 14.0.1, watchOS 7.0.1 and tvOS 14.0.1, but each had no CVEs published.
The latest updates come just over a week after Apple released security updates for iOS 14.0, iPadOS 14.0, watchOS 7.0, Safari 14.0, tvOS 14.0 and Xcode 12.0. Apple also added new Privacy features for iOS 14.0.